What is CVE-2025-13030?

CVE-2025-13030 is a high-severity vulnerability in Pylixm Django-mdeditor, classified under Missing Authentication for Critical Function. CVSS score: 7.1/10. Published 2026-04-30.

How severe is CVE-2025-13030?

High severity. CVSS v3 base score is 7.1 out of 10.

Auth bypass in Pylixm Django-mdeditor

CVE-2025-13030

All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks…

Vulnerability class: Broken Authentication

EPSS: 0.001 (31.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L.

Affected products

Pylixm Django-mdeditor
N/a Django-mdeditor — versions 0

Weakness classification (CWE)

CWE-306 — Missing Authentication for Critical Function

References

report@snyk.io (Third Party Advisory)
report@snyk.io (Broken Link)
report@snyk.io (Issue Tracking)
report@snyk.io (Issue Tracking)
report@snyk.io (Patch)

Frequently asked questions

What is CVE-2025-13030?: CVE-2025-13030 is a high-severity vulnerability in Pylixm Django-mdeditor, classified under Missing Authentication for Critical Function. CVSS score: 7.1/10. Published 2026-04-30.
How severe is CVE-2025-13030?: High severity. CVSS v3 base score is 7.1 out of 10.